Location: PHPKode > projects > Mummi (Multi-user MOD_MP3 Interface) > mummi.0.6/htroot/verifyuser.php
<?
//  This get the document root specified in the virtual host of apache
$GLOBALS[int_path] = getenv(DOCUMENT_ROOT);

// This will be changed to look at a file that the user can set the prefrence of.
$GLOBALS[lib_path] = "$GLOBALS[int_path]/../lib";

include "$GLOBALS[lib_path]/config.inc";
include "$GLOBALS[lib_path]/mysql.inc";
include "$GLOBALS[lib_path]/overseer.inc";
include "$GLOBALS[lib_path]/user_db.inc";
include "$GLOBALS[lib_path]/design.inc";

$user_db = new USER_DB();
if(!$user_db->connect("$GLOBALS[dbhost]","$GLOBALS[dbusername]","$GLOBALS[dbuserpassword]","$GLOBALS[dbname]")) header("Location: $url_path/error_db_fail.php");

$os = new OVERSEER;
$os->connect("$GLOBALS[dbhost]","$GLOBALS[dbusername]","$GLOBALS[dbuserpassword]","$GLOBALS[dbname]");


// Set the user navbars.
if(!$HTTP_COOKIE_VARS[login_active]) $nav_array = array(main);
elseif($os->num_rows("SELECT user_name FROM users WHERE user_name='$session_array[user_name]' AND user_type='1'")) $nav_array = array_merge($GLOBALS[admin_navbox_array], $os->get_navbox_array($session_array[user_name]));
else $nav_array = array(user_main);



// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

// verifydt01



// Setting the default page contents
$GLOBALS[verify00] = <<<ENDverify00
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Username:</td>
										<td><input type="text" name="user_name" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password:</td>
										<td><input type="password" name="user_pass" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="verifydt00" value="true">
										<input type="submit" value="Login">
									</tr></table>
								</td>
								<td valign="top">
									Welcome to the second part of registration.  Enter the username and password that was sent to you via email.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify00;


// This is the page displayed if there is no username in the tmp_table
$GLOBALS[verify01] = <<<ENDverify01
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Username:</td>
										<td><input type="text" name="user_name" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password:</td>
										<td><input type="password" name="user_pass" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="verifydt00" value="true">
										<input type="submit" value="Login">
									</tr></table>
								</td>
								<td valign="top">
									<font color="red"><b>Username not found<b></font><br>
									The username you specified is not in the registration database.  Please try again.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify01;


// This is the page displayed if the password doesn't match what's in the tmp_user table
$GLOBALS[verify02] = <<<ENDverify02
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Username:</td>
										<td><input type="text" name="user_name" value="$HTTP_POST_VARS[user_name]" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password:</td>
										<td><input type="password" name="user_pass" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="verifydt00" value="true">
										<input type="submit" value="Login">
									</tr></table>
								</td>
								<td valign="top">
									<font color="red"><b>Password is invalid</b></font><br>
									The password supplied for that username is invalid.  Please reenter the password.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify02;


$GLOBALS[verify07] = <<<ENDverify07
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Username:</td>
										<td><input type="text" name="user_name" value="$HTTP_POST_VARS[user_name]" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password:</td>
										<td><input type="password" name="user_pass" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="verifydt00" value="true">
										<input type="submit" value="Login">
									</tr></table>
								</td>
								<td valign="top">
									<font color="red"><b>Not complete</b></font><br>
									A required filed was left blank.  Please fill in all required fields and try again.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify07;

















// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

// verifydt01
















// email just sent to user right after confirmation of all info
$GLOBALS[verify11] = <<<ENDverify11
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td valign="top">
								Welcome back to our system $HTTP_POST_VARS[user_name].<br><br><br>Now that you have successfully
								validated yourself, we ask that you read the terms and conditions of our open source
								license before your account is activated:<br>
								<form method="POST" action="$PHP_SELF">
								<textarea cols="70" rows="20">


Copyright 2001 audiodevil.com All rights reserved.

1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and
the following disclaimer in the documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE AUDIODEVIL.COM PROJECT ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUDIODEVIL.COM PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The views and conclusions contained in the software and documentation are those of the authors and should not
be interpreted as representing official policies, either expressed or implied, of the Audiodevil.com Project.

								</textarea><br>

								<input type="hidden" name="user_name" value="$HTTP_POST_VARS[user_name]">
								<input type="submit" name="verifydt01" value="I Accept">&nbsp;
								<input type="submit" name="decline" value="I Decline">
								</form>
								</td>
							</tr></table>
						</td>
					</tr></table>
ENDverify11;





// For people who decline the BSD license, fools...
$GLOBALS[verify14] = <<<ENDverify14

Thank you for your interest, and sorry things did't work out.
We just deleted all your information from our database.


ENDverify14;





// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

// verifydt02



// password change.......
// This is the page where the user changes their password
$GLOBALS[verify03] = <<<ENDverify03
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Password:</td>
										<td><input type="password" name="user_pass00" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password&nbsp;again:</td>
										<td><input type="password" name="user_pass01" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="user_name" value="$HTTP_POST_VARS[user_name]">
										<input type="hidden" name="verifydt02" value="true">
										<input type="submit" value="Next ->">
									</tr></table>
								</td>
								<td valign="top">
									Please select a new password for your account.  Your account is not officially active until you supply a new password. Password must also be at least
									7 numbers or characters.<br><br>Once you have completed this your accout will become active.
									Click next to continue.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify03;




// This is the page displayed if the passwords don't match up
$GLOBALS[verify04] = <<<ENDverify04
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Password:</td>
										<td><input type="password" name="user_pass00" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password&nbsp;again:</td>
										<td><input type="password" name="user_pass01" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="user_name" value="$HTTP_POST_VARS[user_name]">
										<input type="hidden" name="verifydt02" value="true">
										<input type="submit" value="Next ->">
									</tr></table>
								</td>
								<td valign="top">
									<font color="red"><b>Passwords do not match</b></font><br>
									The passwords your supplied do not match.  Please retype your passwords and try again.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify04;



// If the passwords are under 7 characters.
$GLOBALS[verify05] = <<<ENDverify05
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Password:</td>
										<td><input type="password" name="user_pass00" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password&nbsp;again:</td>
										<td><input type="password" name="user_pass01" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="user_name" value="$HTTP_POST_VARS[user_name]">
										<input type="hidden" name="verifydt02" value="true">
										<input type="submit" value="Next ->">
									</tr></table>
								</td>
								<td valign="top">
									<font color="red"><b>Passwords under 7 characters</b></font><br>
									The passwords your supplied do not meet the 7 character criteria.  Please choose a new password.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify05;



// this is more a place holder... sould never happen.
$GLOBALS[verify10] = <<<ENDverify10

There was an error processing this request:<br>
failled creating the md5 signature.

ENDverify10;


// when fetching the data from the tmp_user table fails.
$GLOBALS[verify08] = <<<ENDverify08

This page depends on temporary data that is no longer available.

ENDverify08;


// when fail to create a user
$GLOBALS[verify09] = <<<ENDverify09

Fail to create the user,
or the user may already exist.

ENDverify09;


// purge the new users record from tmp_user table.
$GLOBALS[verify12] = <<<ENDverify12

failled to purge the tmp_user table.

ENDverify12;


// The success page.
$GLOBALS[verify13] = <<<ENDverify13

You completed the signup process, and you can now go to <a href="$GLOBALS[url_path]/login.php">the login page</a>.

ENDverify13;

// The page for when the mkdir command fails.
$GLOBALS[verify14] = <<<ENDverify14

You completed the signup process, but there was an error: Could not create your home folder for storing files.
You may log in, but you may not store any files, and with out that there is not much you can do.
To rectify the situation please consult with the site administrator, and ask them to manually create your home folder.
Thsi error is typically the cause of permisions being too strong on the target filesystem.

ENDverify14;

// User left a field blank while resetting password
$GLOBALS[verify15] = <<<ENDverify15
					<table width="100%" cellpadding="0" cellspacing="0" border="0"><tr>
						<td align="left" valign="top">
							<form method="POST" action="$PHP_SELF">
							<table cellpadding="1" cellspacing="2" border="0"><tr>
								<td align="left" valign="top">
									<table cellpadding="1" cellspacing="0" border="0"><tr>
										<td align=right>Password:</td>
										<td><input type="password" name="user_pass00" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td align="right">Password&nbsp;again:</td>
										<td><input type="password" name="user_pass01" value="" size="15" maxlength="25"></td>
									</tr><tr>
										<td>&nbsp;</td>
										<td>
										<input type="hidden" name="user_name" value="$HTTP_POST_VARS[user_name]">
										<input type="hidden" name="verifydt02" value="true">
										<input type="submit" value="Next ->">
									</tr></table>
								</td>
								<td valign="top">
									<font color="red"><b>Not Complere</b></font><br>
									A required field was left blank.  Please fill in all required filds and try again.<br>
								</td>
							</tr></table>
							</form>
						</td>
					</tr></table>

ENDverify15;

// The success page.
$GLOBALS[verify15] = <<<ENDverify15

	There was a problem setting up your default navbars.. <br>

ENDverify15;

// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~












	// Starting the validation

	if($HTTP_POST_VARS[verifydt00]){

		// The fist page of the verifyuser page.
		// In this part, somebody has attempted to login.

		// the password attempted by the user.
		$GLOBALS[post_md5] = md5($HTTP_POST_VARS[user_pass]);

		// I feel lazy, so here is getting the result array, and assigning the var
		$query = "SELECT user_pass FROM tmp_users WHERE user_name='$HTTP_POST_VARS[user_name]'";
		if($result_array = $user_db->fetch_numeric("$query")) $GLOBALS[db_md5] = $GLOBALS[result_array][0][0];

		// first, check that none of the fields were left blank.
		if(empty($HTTP_POST_VARS[user_name]) ||	empty($HTTP_POST_VARS[user_pass])) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify07]");

		// then, Check to see if the username exists in the database
		elseif(!$user_db->chk_user_name($HTTP_POST_VARS[user_name], "tmp_users")) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify01]");

		// Check to see if the password supplied matches the tmp_users database
		elseif($GLOBALS[db_md5] != $GLOBALS[post_md5]) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify02]");

		// The page that is success, it works.
		else $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify11]");

	}elseif($HTTP_POST_VARS[verifydt01] xor $HTTP_POST_VARS[decline]){



		if($HTTP_POST_VARS[verifydt01]) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify03]");
		elseif($HTTP_POST_VARS[decline]){

			$GLOBALS[result_array] = $user_db->get_tmp_user($HTTP_POST_VARS[user_name]);
			$user_db->purge_record($GLOBALS[result_array][0][id], "tmp_users");

			$contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify14]");


		}

	}elseif($HTTP_POST_VARS[verifydt02]){
		// A user is attempting to change his password for the first time ever.
		// if they succesful, we insert their info to the main user table.

		// Check to see if the fields are empty
		if(empty($HTTP_POST_VARS[user_pass00]) || empty($HTTP_POST_VARS[user_pass01])) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify15]");

		// Check to see if the passwords match
		elseif($HTTP_POST_VARS[user_pass00] != $HTTP_POST_VARS[user_pass01]) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify04]");

		// Check if at least one of the password fields are 7 chars
		elseif(strlen($HTTP_POST_VARS[user_pass00]) < 7) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify05]");

		// get the md5 sum for the password.
		elseif(!$GLOBALS[post_md5] = md5($HTTP_POST_VARS[user_pass00])) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify10]");

		// fetch the data from the tmp_user table.
		elseif(!$GLOBALS[result_array] = $user_db->get_tmp_user($HTTP_POST_VARS[user_name])) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify08]");

		// insert the info into the user table.
		elseif(!$user_db->create_user($GLOBALS[result_array][0][user_name], $GLOBALS[post_md5], $GLOBALS[result_array][0][first_name], $GLOBALS[result_array][0][last_name], $GLOBALS[result_array][0][user_email], "0", "1", $GLOBALS[result_array][0][created], time())) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify09]");

		// Create the default navboxes to have
		elseif(!$user_db->set_navbox_array($GLOBALS[result_array][0][user_name], '')) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify15]");

		// purge the records of the tmp_user table.
		elseif(!$user_db->purge_record($GLOBALS[result_array][0][id], "tmp_users")) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify12]");


		// show success page, congradulations man!
		else{

			$dir_path = "$GLOBALS[audio_folder]/$HTTP_POST_VARS[user_name]";
			//echo "$dir_path<br>\n";
			if(!mkdir("$dir_path", 0777)) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify13]");
		}
	}else{
		// show the first possible page.
		$contents = array("$GLOBALS[page_title]"=>"$GLOBALS[verify00]");
	}

// Starting page output
draw_header("$GLOBALS[page_title]");
draw_nav($nav_array);
draw_sect($contents);
draw_footer();
ob_end_flush();
?>
Return current item: Mummi (Multi-user MOD_MP3 Interface)